Postfix SMTP

From Wiki

Revision as of 16:01, 30 January 2007 by Admin (Talk | contribs)
Jump to: navigation, search

Contents

Install as per normal

apt-get install postfix
Choose Internet Site Config.

After Install - Main folder = /etc/postfix
Main file = main.cf

Basic Changes:

Just the name used to identify server
myhostname = mail.domain.com
//disable lookup of usernames disable_vrfy_command = yes Remove hash beside delay_warning_time = 4h

Advanced Changes:

To prevent cross over emails between multiple domains,

e.g. where root@mydomain1.net and root@mydomain2.net are on the same server.

Add the following line into /etc/postfix/main.cf:
smtpd_sender_restrictions = check_recipient_access hash:/etc/postfix/restrict
Create the file: /etc/postfix/restrict
goodemail@mydomain2.net     OK
mydomain2.net               REJECT

To activate/ add this file into postfix, type in the shell ->
postmap /etc/postfix/restrict

Further Details at: http://www.seifried.org/security/index.php/Closet20001122_Postfix_-_The_Sendmail_Replacement,_Part_II

Restrict Mail delivery to Local users

On a lists (mailman) server I run - I want to disable mail delivery to local users, however I still want Postfix to deliver mail to /etc/aliases. The line below, which is to be put into /etc/postfix/main.cf forces postfix to only consult $alias_maps (which is: hash:/etc/aliases ).

local_recipient_maps = $alias_maps

Blocking Spam with spamhaus and Postfix

This is commonly referred to as a "Postfix anti-UCE configuration" (UCE - unsolicited emails). Postfix, with a very simply modification can block incoming email via spamhaus RBLs (Real Time Black-Hole Lists). The following line is to be added to /etc/postfix/main.cf:

smtpd_sender_restrictions reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
//If there are entries already - thats fine, just comment delimit them.
//Note: sbl-xbl.spamhaus.org has now changed to zen.spamhaus.org as per http://www.spamhaus.org/zen/index.lasso

The sender is then bounced back an email saying "Blocked by spamhouse" and it is their, or their ISP's responsibility to remove themselves from spamhaus.
Note: "ping sbl-xbl.spamhaus.org" wont resolve. What postfix does when checking an ip (e.g. w.x.y.z), is to "ping z.y.x.w.sbl-xbl.spamhaus.org", and if that resolves - that ip is listed as spam. (thanks davisc).
Note: Make sure ICMP packets are allowed through the firewall. Otherwise postfix will get a "Destination Not Reachable" and allow the mail through.
See more details at: http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt and http://www.redhat.com/support/resources/howto/RH-postfix-HOWTO/x441.html

Debugging and Testing via Telnet

SENDING AN EMAIL VIA TELNET 25 & Testing forwarding

mail from: sri@mara.net
rcpt to: user@lastre.com
data
.
quit

Test and get working Normal - Should be able to send and revieve via pine etc.

Had to adjust /etc/hosts with domain name (this allowed sending emails ok):

127.0.0.1       localhost
136.201.1.250   kartbuilding.net        phidebian

Good URLS

http://www.muine.org/~hoang/postfix.html

http://www.debianhelp.co.uk/postfix.htm


Managing Postfix

Delete an Email from the Queue

For Example - sending an email to someone and it bounces. Defauly retry is for 3 days. To remove it manually :

postsuper -d queue_id

Tons more info at: http://www.postfix.org/postsuper.1.html

Personal tools